Report - sucrityidbusiness2288.duckdns.org/confirm.html

Report Overview

Visited public
2023-09-24 23:17:55
Tags
dyndns
URL
sucrityidbusiness2288.duckdns.org/confirm.html
Finishing URL
sucrityidbusiness2288.duckdns.org/confirm.html
IP / ASN
103.37.124.105
#0
Title
Facebook
Suspicious - DynDNS domain

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
kit.fontawesome.com	1868	2012-10-18	2019-12-16 20:51:31	2023-09-24 18:38:14	475 B	28 kB	104.18.23.52
sucrityidbusiness2288.duckdns.org	unknown	2013-04-12	2023-09-23 12:03:29	2023-09-24 17:46:14	1.5 kB	495 kB	103.37.124.105
ocsp.pki.goog	175	2016-06-13	2018-07-01 08:43:07	2023-09-24 18:12:04	666 B	1.4 kB	142.250.74.131
ajax.googleapis.com	12905	2005-01-25	2013-08-16 11:51:31	2023-09-24 23:44:58	450 B	32 kB	142.250.74.42
ocsp.sectigo.com	487	2018-08-16	2019-11-29 12:50:24	2023-09-24 23:31:12	330 B	963 B	104.18.14.101
api.ipify.org	3267	2014-01-05	2014-10-06 14:38:43	2023-09-23 18:12:44	467 B	219 B	64.185.227.156
ka-f.fontawesome.com	3598	2012-10-18	2019-12-17 07:36:13	2023-09-24 19:09:02	2.1 kB	137 kB	172.64.130.9
upload.wikimedia.org	2215	2003-03-16	2012-05-21 11:39:45	2023-09-23 19:03:13	491 B	1.5 kB	185.15.59.240
cdn.jsdelivr.net	439	2012-05-16	2012-09-30 02:15:09	2023-09-24 18:14:53	2.1 kB	78 kB	151.101.193.229
code.jquery.com	634	2005-12-10	2012-05-21 19:28:02	2023-09-24 19:47:37	477 B	32 kB	151.101.130.137

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-09-24 23:17:37	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-24 23:17:37	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-24 23:17:37	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-24 23:17:37	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-24 23:17:39	medium	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to a *.duckdns .org Domain
2023-09-24 23:17:39	low	Client IP	Internal IP	ET INFO DYNAMIC_DNS Query to *.duckdns. Domain
2023-09-24 23:17:39	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-24 23:17:39	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-24 23:17:39	low	Client IP	Internal IP	ET INFO External IP Lookup Domain (ipify .org) in DNS Lookup
2023-09-24 23:17:40	low	Client IP	64.185.227.156	ET INFO External IP Address Lookup Domain (ipify .org) in TLS SNI

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-09-24	medium	sucrityidbusiness2288.duckdns.org/confirm.html	Facebook, Inc.
2023-09-24	medium	sucrityidbusiness2288.duckdns.org/	Facebook, Inc.
2023-09-24	medium	sucrityidbusiness2288.duckdns.org/	Facebook, Inc.

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-09-24	medium	sucrityidbusiness2288.duckdns.org	Sinkholed
2023-09-24	medium	sucrityidbusiness2288.duckdns.org	Sinkholed
2023-09-24	medium	sucrityidbusiness2288.duckdns.org	Sinkholed

ThreatFox

No alerts detected

JavaScript (7)

	URL	From	Size	First Seen	Last Seen
	cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js	ScriptElement	60 kB	2023-03-07	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 21:26 Times Seen5335 Hash 61f338f870fcd0ff46362ef109d28533 b3c116c65e6f053aaab45e5619a78ec00271a50f 5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548 Loading...

	kit.fontawesome.com/83fd8385f7.js	ScriptElement	12 kB	2023-08-03	2024-11-01
Pretty URL kit.fontawesome.com/83fd8385f7.js IP 104.18.23.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-03 11:27 Last Seen2024-11-01 17:46 Times Seen312 Hash db23c81455aae8811b15da8365d4357b 5a938d7e697a68125be7e0aa8e59486654365d4c 7dc1b850e94055cb2e1d197420f0ac66eb2d8cce333f847533d195ec2e4af2dd Loading...

	ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js	ScriptElement	90 kB	2023-03-07	2025-05-11
Pretty URL ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-11 02:17 Times Seen205847 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js	ScriptElement	79 kB	2023-03-07	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03 Last Seen2025-05-10 22:47 Times Seen11907 Hash 0aa8d64e726c4a57adb5c88f9115996b 901169527507ff9e662cf64d8e361f359308970d 7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe Loading...

	sucrityidbusiness2288.duckdns.org/confirm.html	ScriptElement	1.4 kB	2023-07-16	2024-09-19
Pretty URL sucrityidbusiness2288.duckdns.org/confirm.html IP 103.37.124.105 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 01:33 Last Seen2024-09-19 20:15 Times Seen133 Hash f6e4e09921fbd672e3b1c45f6843b6b0 9bb266ecc422ff2fe11559dc8e190c3384f67dcd 8419d323254593395bc15f7c8691f789a5e33a5e8e53d2b425c9ede9c154562d Loading...

	sucrityidbusiness2288.duckdns.org/confirm.html	ScriptElement	828 B	2023-07-16	2024-09-19
Pretty URL sucrityidbusiness2288.duckdns.org/confirm.html IP 103.37.124.105 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-07-16 01:33 Last Seen2024-09-19 20:15 Times Seen140 Hash 51ec6a9ccf1854948489c06fc6556b77 ccf37bb222f3157effeac11b093c481f9c8232f1 35929f249e8c39f94e6b3a78f4be5901367409f8b033fca3428789d6332643cd Loading...

	cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js	ScriptElement	21 kB	2023-03-07	2025-05-10
Pretty URL cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js IP 151.101.193.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-05-10 21:22 Times Seen5551 Hash 84415b7368fd6fc764cbe86039ce0626 62f238e73348c77eb9e865426a7d1b7de23cbb2d c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060 Loading...

HTTP Transactions (19)

URL IP Response Size

cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css

151.101.193.229

200 OK

26 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/css/bootstrap.min.css
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65324)
Size
26 kB (26116 bytes)
Hash
7cc40c199d128af6b01e74a28c5900b0
d305110fb79113a961394b433d851a3410342b8c
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

HTTP Headers

GET /npm/bootstrap@4.4.1/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.4.1
x-jsd-version-type: version
etag: W/"26f1b-0wURD7eRE6lhOUtDPYUaNBA0K4w"
content-encoding: br
accept-ranges: bytes
date: Sun, 24 Sep 2023 23:17:38 GMT
age: 4539594
x-served-by: cache-fra-eddf8230099-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 26116
X-Firefox-Spdy: h2

sucrityidbusiness2288.duckdns.org/confirm.html

103.37.124.105

200 OK

147 kB

URL User Request GET HTTP/1.1
sucrityidbusiness2288.duckdns.org/confirm.html
IP
103.37.124.105:443
ASN
#0

Certificate
IssuercPanel, Inc.
Subjectsucrityidbusiness2288.duckdns.org
FingerprintCD:30:53:12:7B:74:8D:8B:DD:05:A5:32:05:4F:0E:D1:3E:0C:C6:62
ValiditySat, 23 Sep 2023 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (33829)
Size
147 kB (147158 bytes)
Hash
d36623fac934d21ada36eb109fbc83c8
ea650b05b8a4ee6211a3efed9a4cd37b33eabb78
64872e522f982680d39b4d78282060676060eebba0302b941807bac247aca716

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /confirm.html HTTP/1.1
Host: sucrityidbusiness2288.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 23:17:38 GMT
Server: Apache
Last-Modified: Sat, 23 Sep 2023 10:25:14 GMT
Accept-Ranges: bytes
Content-Length: 147158
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html

cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

151.101.193.229

200 OK

24 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (65299)
Size
24 kB (23943 bytes)
Hash
0aa8d64e726c4a57adb5c88f9115996b
901169527507ff9e662cf64d8e361f359308970d
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

HTTP Headers

GET /npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.0.2
x-jsd-version-type: version
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
content-encoding: br
accept-ranges: bytes
date: Sun, 24 Sep 2023 23:17:39 GMT
age: 10746653
x-served-by: cache-fra-eddf8230080-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23943
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js

151.101.193.229

200 OK

7.8 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/popper.js@1.16.0/dist/umd/popper.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (21084)
Size
7.8 kB (7835 bytes)
Hash
84415b7368fd6fc764cbe86039ce0626
62f238e73348c77eb9e865426a7d1b7de23cbb2d
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

HTTP Headers

GET /npm/popper.js@1.16.0/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 1.16.0
x-jsd-version-type: version
etag: W/"5309-YvI45zNIx3656GVCan0bfeI8uy0"
content-encoding: br
accept-ranges: bytes
date: Sun, 24 Sep 2023 23:17:39 GMT
age: 10134351
x-served-by: cache-fra-eddf8230104-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 7835
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js

151.101.193.229

200 OK

17 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/bootstrap@4.4.1/dist/js/bootstrap.min.js
IP
151.101.193.229:443
ASN
#54113 FASTLY

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint88:D1:D3:FA:BE:69:45:71:5A:74:78:14:1A:E8:F3:5A:88:69:9C:7F
ValidityFri, 23 Dec 2022 10:55:14 GMT - Wed, 24 Jan 2024 10:55:13 GMT

File type
ASCII text, with very long lines (59729)
Size
17 kB (17008 bytes)
Hash
61f338f870fcd0ff46362ef109d28533
b3c116c65e6f053aaab45e5619a78ec00271a50f
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

HTTP Headers

GET /npm/bootstrap@4.4.1/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.4.1
x-jsd-version-type: version
etag: W/"ea6a-s8EWxl5vBTqqtF5WGaeOwAJxpQ8"
content-encoding: br
accept-ranges: bytes
date: Sun, 24 Sep 2023 23:17:39 GMT
age: 2931211
x-served-by: cache-fra-eddf8230118-FRA, cache-bma1650-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 17008
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.6.0.min.js

151.101.130.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.6.0.min.js
IP
151.101.130.137:443
ASN
#54113 FASTLY

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (30875 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /jquery-3.6.0.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d9d"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 24 Sep 2023 23:17:39 GMT
age: 359359
x-served-by: cache-lga21931-LGA, cache-bma1652-BMA
x-cache: HIT, HIT
x-cache-hits: 30, 97379
x-timer: S1695597459.208228,VS0,VE0
vary: Accept-Encoding
content-length: 30875
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c5ff8d7acc8e7364e55f0f702753cdf3
8070b53f5904114284c148c6a9e31bd0a812fb88
60894dff5403072fe1a10fedc55fd9c34f223afc4073351c32ac819abe8d63fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

142.250.74.42

200 OK

31 kB

URL GET HTTP/2
ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
IP
142.250.74.42:443
ASN
#15169 GOOGLE

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
FingerprintBE:40:3A:A6:DE:CC:A7:8B:75:43:68:F2:F9:56:63:71:49:61:06:49
ValidityMon, 04 Sep 2023 08:23:18 GMT - Mon, 27 Nov 2023 08:23:17 GMT

File type
ASCII text, with very long lines (65447)
Size
31 kB (31017 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

HTTP Headers

GET /ajax/libs/jquery/3.6.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 31017
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 22 Sep 2023 10:05:21 GMT
expires: Sat, 21 Sep 2024 10:05:21 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 220338
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

471 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
c5ff8d7acc8e7364e55f0f702753cdf3
8070b53f5904114284c148c6a9e31bd0a812fb88
60894dff5403072fe1a10fedc55fd9c34f223afc4073351c32ac819abe8d63fc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 24 Sep 2023 23:17:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sucrityidbusiness2288.duckdns.org/Facebook_f_logo.png

103.37.124.105

200 OK

73 kB

URL GET HTTP/1.1
sucrityidbusiness2288.duckdns.org/Facebook_f_logo.png
IP
103.37.124.105:443
ASN
#0

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuercPanel, Inc.
Subjectsucrityidbusiness2288.duckdns.org
FingerprintCD:30:53:12:7B:74:8D:8B:DD:05:A5:32:05:4F:0E:D1:3E:0C:C6:62
ValiditySat, 23 Sep 2023 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
PNG image data, 2048 x 2048, 8-bit/color RGBA, non-interlaced\012- data
Size
73 kB (73382 bytes)
Hash
65df09dbb9166f247de083239cf4afd8
7d326258e869741b8558de74710a977274520cc0
79c20677cdad62f33798382bf81b3fd30044d1f49b8952995d9a6d7c704e7e70

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /Facebook_f_logo.png HTTP/1.1
Host: sucrityidbusiness2288.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/confirm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 23:17:39 GMT
Server: Apache
Last-Modified: Wed, 12 Jul 2023 01:15:28 GMT
Accept-Ranges: bytes
Content-Length: 73382
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

kit.fontawesome.com/83fd8385f7.js

104.18.23.52

200 OK

28 kB

URL GET HTTP/2
kit.fontawesome.com/83fd8385f7.js
IP
104.18.23.52:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerDigiCert Inc
Subject*.fontawesome.com
Fingerprint6C:69:02:A7:9B:07:84:8E:D0:3D:0A:10:61:8E:01:80:88:37:EF:5E
ValidityTue, 22 Nov 2022 00:00:00 GMT - Sat, 23 Dec 2023 23:59:59 GMT

File type
gzip compressed data, from Unix\012- data
Size
28 kB (27739 bytes)
Hash
f8ae51557a75c0ec62b0ab5b48fbf3d2
8b01b8507f2debcaedea11de35c90f1d8ab632b7
38cdf86d9c8fca54a59ad621613bd191c8895f63a0e6c8058744f1837e5d8e62

HTTP Headers

GET /83fd8385f7.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 23:17:38 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, stale-while-revalidate=30
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: F4f456lbImUq1mEVY-dD
cf-cache-status: MISS
server: cloudflare
cf-ray: 80bebdf3a83f5691-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.14.101

471 B

URL
ocsp.sectigo.com/
IP
104.18.14.101:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
27423d4209c6f2a544820070a43fbc45
d3c933dae6a2c009599a14b39c64d05db704e895
c550ccbe16a61980b8150dcd0c3688c3e392481e210c423299d18e55d66d2cae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 23:17:39 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 24 Sep 2023 00:38:11 GMT
Expires: Sun, 01 Oct 2023 00:38:10 GMT
Etag: "d3c933dae6a2c009599a14b39c64d05db704e895"
Cache-Control: max-age=522920,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 80bebdfc594e56b4-OSL

api.ipify.org/?format=json

64.185.227.156

200 OK

21 B

URL GET HTTP/1.1
api.ipify.org/?format=json
IP
64.185.227.156:443
ASN
#18450 WEBNX

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerSectigo Limited
Subject*.ipify.org
FingerprintF4:76:2D:2C:65:D1:15:BE:19:A4:C5:E0:8D:EB:89:1A:B6:75:4A:54
ValidityTue, 07 Feb 2023 00:00:00 GMT - Sun, 18 Feb 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
7d69c71af0f191e9a72db6153f8018d1
f67c5f2887bc05654b47f76e9621e53a4091aed1
5bac6e06cf0e1ad38c55f9f9d12122272bf4b8157877629fe68cd33fe2133c65

HTTP Headers

GET /?format=json HTTP/1.1
Host: api.ipify.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.25.1
Date: Sun, 24 Sep 2023 23:17:39 GMT
Content-Type: application/json
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: *
Vary: Origin

sucrityidbusiness2288.duckdns.org/recovery.png

103.37.124.105

200 OK

274 kB

URL GET HTTP/1.1
sucrityidbusiness2288.duckdns.org/recovery.png
IP
103.37.124.105:443
ASN
#0

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuercPanel, Inc.
Subjectsucrityidbusiness2288.duckdns.org
FingerprintCD:30:53:12:7B:74:8D:8B:DD:05:A5:32:05:4F:0E:D1:3E:0C:C6:62
ValiditySat, 23 Sep 2023 00:00:00 GMT - Fri, 22 Dec 2023 23:59:59 GMT

File type
PNG image data, 1340 x 1338, 8-bit/color RGBA, non-interlaced\012- data
Size
274 kB (273625 bytes)
Hash
0b6c07045c1d1b275b9a60b47daa63e7
659f97c7e778c62e672328eff61ed9053db4d50a
c7fa8b6a6d8fb4ff2b71397516a22e120028fd6f023591e255a8910ff32a8fae

Detections

Analyzer	Verdict	Alert
urlquery	suspicious	Suspicious - DynDNS domain
OpenPhish	phishing	Facebook, Inc.
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /recovery.png HTTP/1.1
Host: sucrityidbusiness2288.duckdns.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/confirm.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 24 Sep 2023 23:17:39 GMT
Server: Apache
Last-Modified: Wed, 12 Jul 2023 01:15:28 GMT
Accept-Ranges: bytes
Content-Length: 273625
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=83fd8385f7

172.64.130.9

200 OK

1.8 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-font-face.min.css?token=83fd8385f7
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (1803), with no line terminators
Size
1.8 kB (1775 bytes)
Hash
e222c7d81e67e7d64f8e1e2c2bf5b558
05f52e4d94bf5f8a4f874589b2c66f3d40b64ce6
35f3c6cee4d181081c6e1c723440924507201b46e4d5aa80a63fe29f7d8c748a

HTTP Headers

GET /releases/v6.4.2/css/free-v4-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sucrityidbusiness2288.duckdns.org/
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 23:17:38 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
etag: W/"9b853b50f37dd0ca770ce0f294d427df"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 90b0c7315c3da3c762112b5b8fdfc0aa.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 2mMYPkSP_rpzq_N8-f0DsXEX6Ft6OE9cjTqmDHcMK3h4czwVATUZ5g==
age: 4533
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L4jCaI7N6PBinfvyqFbOnS11fYA14tsW0ANqVE77ITi7rVtHWSa3fmX%2BeotxDyZfvcDYczxAhaPvbJqnEg0abGaqpn%2FkaZ8rvkUMkW%2Ft2zZrr0U2oNq8EbPSJjrxUsr%2BR4Y0Sq7n4w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80bebdf58cc624d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

upload.wikimedia.org/wikipedia/commons/5/51/Facebook_f_logo_%282019%29.svg

185.15.59.240

200 OK

358 B

URL GET HTTP/2
upload.wikimedia.org/wikipedia/commons/5/51/Facebook_f_logo_%282019%29.svg
IP
185.15.59.240:443
ASN
#14907 WIKIMEDIA

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerDigiCert Inc
Subject*.wikipedia.org
Fingerprint91:D4:DD:DD:2F:F9:18:E0:19:07:D8:6B:C7:54:54:F1:1A:8F:2C:DC
ValidityThu, 27 Oct 2022 00:00:00 GMT - Fri, 17 Nov 2023 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (378), with no line terminators
Size
358 B (358 bytes)
Hash
929651de7be55b27691e4548585e2471
41e11272d1ec97d4f84e8186dd553f79a7b89454
b6f7243088bc089f18eff2ccf1dc44795926cda6816e4cc47fe1e256d7088583

HTTP Headers

GET /wikipedia/commons/5/51/Facebook_f_logo_%282019%29.svg HTTP/1.1
Host: upload.wikimedia.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://sucrityidbusiness2288.duckdns.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 05:05:23 GMT
server: ATS/9.1.4
etag: W/ce0c8188520a88e43c81e611847721ac
content-type: image/svg+xml
x-object-meta-sha1base36: jqxuxf8zsvmr9w4ubfr58fktkadka64
last-modified: Thu, 20 Aug 2020 10:11:57 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 65535
x-cache: cp3078 hit, cp3078 hit/201
x-cache-status: hit-front
server-timing: cache;desc="hit-front", host;desc="cp3078"
strict-transport-security: max-age=106384710; includeSubDomains; preload
report-to: { "group": "wm_nel", "max_age": 604800, "endpoints": [{ "url": "https://intake-logging.wikimedia.org/v1/events?stream=w3c.reportingapi.network_error&schema_uri=/w3c/reportingapi/network_error/1.0.0" }] }
nel: { "report_to": "wm_nel", "max_age": 604800, "failure_fraction": 0.05, "success_fraction": 0.0}
x-client-ip: 91.90.42.154
x-content-type-options: nosniff
access-control-allow-origin: *
access-control-expose-headers: Age, Date, Content-Length, Content-Range, X-Content-Duration, X-Cache
timing-allow-origin: *
accept-ranges: bytes
content-length: 265
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=83fd8385f7

172.64.130.9

200 OK

103 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.4.2/css/free.min.css?token=83fd8385f7
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (65321)
Size
103 kB (102749 bytes)
Hash
ae737a19e46fd502ba9cbe9e33213861
a4b5d757af122c49259d4398807e62d4ca6f2493
5e0821588462d15b0ff8e911760fc041332c162e2e30ab4b1071bcc8eb6c8223

HTTP Headers

GET /releases/v6.4.2/css/free.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sucrityidbusiness2288.duckdns.org/
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 23:17:38 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
etag: W/"ae737a19e46fd502ba9cbe9e33213861"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 d6030d5ab753695c0198f874d4276eb2.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: UzOKO3pULGE0yfX15LfTZAapailRAXY9j8a9NqmplhqasgdhzKF13g==
age: 4533
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=thjE5aXvExrk9Q2UbBsKANT3VL6GkiX8bbtJaasLJ1ADXQL0ItsBXNgc7Qc6zVxIAKs2zHzcu2iwqlypKef%2BFGLT4wNvUV%2BC7R03kCiyPJ852f%2FKcG9sDliBL%2BsvsdAmairj8cBRBg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80bebdf57cbe24d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=83fd8385f7

172.64.130.9

200 OK

28 kB

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.4.2/css/free-v4-shims.min.css?token=83fd8385f7
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (27377)
Size
28 kB (27592 bytes)
Hash
da06df503ced6ee507b5fb4fa0999f74
d10d67ffa9c263e24c43b1df7fa3ba8f2dee2c36
236e285339a2a692e9491d356489cdf83513cfb1add049a0620123d644e47554

HTTP Headers

GET /releases/v6.4.2/css/free-v4-shims.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sucrityidbusiness2288.duckdns.org/
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 23:17:38 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
etag: W/"da06df503ced6ee507b5fb4fa0999f74"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 c58391b07051938ceda6615614fbabb0.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: VwsURhlv06gQ9pKy7lA0cMCxZ-KY-gf0X51zqKejW4sYkfZIrO1KUA==
age: 4533
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ciWmY1c2WDclpkvdRSCmQWERgix62FcNeTo9CNKtaI7S9nciTCjFGmFFBXLTa9gAnpvLCJ3K4pj7WauMCepfOGTlYuKOwON8mh93NNMMpkOm1qqskyoRhGLj%2BYb1CKXSnbc%2FaZiERg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 80bebdf58cc424d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=83fd8385f7

172.64.130.9

200 OK

823 B

URL GET HTTP/2
ka-f.fontawesome.com/releases/v6.4.2/css/free-v5-font-face.min.css?token=83fd8385f7
IP
172.64.130.9:443
ASN
#13335 CLOUDFLARENET

Requested by
https://sucrityidbusiness2288.duckdns.org/confirm.html
Certificate
IssuerGoogle Trust Services LLC
Subjectka-f.fontawesome.com
Fingerprint64:27:AB:CA:DB:24:8C:C9:87:09:13:04:21:49:9C:6A:4E:DD:97:93
ValiditySun, 10 Sep 2023 05:39:32 GMT - Sat, 09 Dec 2023 05:39:31 GMT

File type
ASCII text, with very long lines (845), with no line terminators
Size
823 B (823 bytes)
Hash
60f771d70194eee2f6ca53f652629c57
80569fe18344d0c3f526479a886fba91d2de0aca
64d1a9645b5b437137ca6c04f5aa6bedd4fe5d102c592894411232a7121e7b02

HTTP Headers

GET /releases/v6.4.2/css/free-v5-font-face.min.css?token=83fd8385f7 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sucrityidbusiness2288.duckdns.org/
Origin: https://sucrityidbusiness2288.duckdns.org
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 24 Sep 2023 23:17:38 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 01 Aug 2023 19:07:56 GMT
etag: W/"dbf296002d53e56d340b105d9d764940"
x-amz-server-side-encryption: AES256
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 ee8862e43d7837ef5478becfe2eb7116.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: 3zIIb99r86Ui43vtKLPgGI4M22_i6diXgcLorZf8tZxfR3GT349qZw==
age: 4533
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jMX%2BHScoigD18eTLkS%2B76HhO48T8cCEPSL4CxkviTtStWz87PEkTXpGmyNpzLRTQtorCzQ1RX7y%2BcZrCFk96Y9VhVyWmA0KHsFREv5ratkNf0lYwgdrSMzzD10r3LVERQ1SAipAA0A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 80bebdf57cc124d8-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (7)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (19)

URL GET HTTP/2

IP

ASN

Requested by

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections